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(54) Information processing apparatus, information processing metfiod, and program storage 
medium 



(57) Wiien a content is moved from a flasli memory 
into a content database, a usage rule management pro- 
gram up^lates a variable seq-1 , stored in a 0th defective 
block of a media defect list stored in the flash memory, 
to a new value seq-2. The usage rule management pro- 
gram calculates an MAC value (hash value) on the 
basis of the content stored in the data portion of the 
flash memory, an encrypted encryption key, and impor' 
tant Ififormation Including the variable seq#. The usage 
rule manajaemerit program then compares the calcu- 
lated value with an MAC value stored in the header por- 
tion of the flash memory. If these two values are not 
equal, the usage rule management program disables 
reproduction of the content thereby preventing the con- 
tent from being copied in an unauthorized manner- 
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Description 

BACKGROUND OF THE INVENTION 
5 1. Field of the Invention 

[0001] Tlie present invention relates to an information processing apparatus, an Information processing method, 
and a program storage medium, and more particularly, to an information processing apparatus, an information process- 
ing method, and a program storage medium, which make it possible to prevent data from being tempered or copied in 
10 an unauthorized manner. . 

2. Description of the Related Art 

[0002] Digital technology has become very popular. As a result, various types of content data such as music data 
75 and image data are digitally recorded and reproduced onto or from a storage medium. This mal<es it possible to copy 
content data many times without resulting in degradation In image or sound quality. 
[0003] [However, the advance in the digital technology has created the following problems. 

1 . For example, digital music data can be copied from a compact disic (CD) into a hard disic of a personal computer. 
20 In this case, the music data recorded on the CD is directly recorded on the hard disk or recorded after being com- 

pressad. This makes it possible to distribute a great number of copies via a network such as the Intemet. 

2. There is no limitation in the majdmum number of times that digital music data is copied from a CD into a hard 
disk of a personal computer. This makas it possible to distribute a great number of copies. 

3. When digital music data recorded oh a hard disk of a personal computer is copied into an external device such 
25 as a portable device, the original music data remains on the hard disk after making a copy. This makes it possible 

to distribute a great number of copies. 

4. The problem described in (3) may be avoided if a personal computer is controlled by software such that data 
such as digital music data stored on a hard disk is deleted after the data has been transferred to an external device 
(that is, music data is moved). However, even in this case, the original data can be left on the hard disk by making 

30 a backup copy of the data stored on the hard disk onto another storage medium before moving the data and restor- 
ing the backup data onto the hard disk 

5. When digital musk; da^ta recorded on a hard disk of a computer is copied jnto an external devtee such as a port- 
able device, the personal computerdoes notcheck the authorization of the external devtoa This makes It possible 
to copy digital hiusic data into an unauthorized device. 

35 e. When digital music data Is copied frorti an external device such as a portable device into a personal computer, 
the external device :does not check the authorization of software whfeh controls the personal computer. This makes 
it possible to copy digital music data into a pereonal computer using unauthorized software. 

7. In some cases, when music data is reproduced by a personal computer from a CD, ISRC (international Standard 
Recording Code) included in the music data is used by the personal computer to determine whether a plurality of 

40 contents are the same or not. However, some CDs do not include ISRC data, in this case, it is impossible to deter- 
mine whether a plurality of contents are the same or not 

8. The various functions described above are realized on a personal computer by means of software. Therefore, if 
the software is tempered, it may become possible to operate the computer in a manner different from that intended 
by a system designer. 

[0004] In view of the above, an object of the present invention is to provide a technique for preventing content data 
stored on a hard disk from being tempered or copied in an unauthorized manner. 

SUIVIIVIARY OF THE INVENTION 

50 

[0005] in accordance with an aspect of the present invention, there is provided an information processing appara- 
tus comprising: storage means for storing content data encrypted with an encryption key; holding means for holding 
management infonnation associated with the content data stored in the storage means; calculation means for perfomi- 
Ing a predetemnlned calculation on the basts of the encryption key and calculation infonnation included in the manage- 
55 ment information, the calculation information including update information which is updated with predetermined timing; 
memory means for storing the result of the caiculaflon peribnned by the calculation means; and control means for com- 
paring the reault of tiie calculation peribrmed by the calculation means with a previous calculation result stored in the 
memory means and controlling use of the content data stored In the storage means in accordance with the tesult of the 
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comparison. Preferably, the calculation means performs the calculation applying a hash function to the calculation 

information and the encryption key. 

[0006] Preferabiy, the content data is music data, the calculation information includes identification information 
identifying the music data, and the holding means holds the update information In an area which is not allowed to be 

5 read orwrittenforagertenal purpose. 

[0007] According to another aspect of the present Invention, there Is provided an information processing method 
comprising the steps of: storing content data encrypted with an encryption key; holding management information asso- 
ciated with the content data stored in the storage step; performing a predetemiined caicuiation on the basis of the 
encryption key and caicuiation information included In the management information, the caicuiation information inciud- 

10 ing update inforniation which is updated with predetemiined timing; memory means for memorizing the result of the cal- 
culation performed in the caicuiation step; and comparing the result of the caicuiation performed in the calculation step 
with a previous caicuiation result memorized In the memorizing step and controlling use of the content data stored In 
the storage step in accordance with the result of the comparison. 

[0008] According to still another aspect of the present invention, there Is provided a program storage medium on 
15 which a program Is stored, the program Including the steps of: storing content data encrypted with an encryption key; 
holding management information associated with the content data stored In the storage step; performing a predeter- 
mined calculation on the basis of the encryption key and caksulatlon Information Included In the management infonna- 
tion, the caicuiation Infonnatlon including update Information which te updated with predetennlned timing; memory 
means for memorizing the result of the calculation perfonned In the calculgAlon step; and comparing the result of the 
20 calculaflon perfonned in the cateulatfon step with a previous calculation result memorized In the memorizing step and 
controlling use of the content data stored in the storage step In accordance with the result of the comparison. 
[0009] As described above, In the infonnatlon processing apparatus, the Information method, and the program 
stored In the program storage medium, according to the present Invention, the result of a caicuiation perfonned on the 
basis of calculation information and an encryption key is compared with a previous calculation result, and use of stored 
25 content data is controlled in accordance with the comparison result 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0010] 

30 

ng. 1 1s a schematic diagram Illustrating an embodiment of a content data management system according to the 
present inventlpn; , 

Fig! 2 Is a schematic diagram Illustrating a configuration of a personal computer shown in Rg. 1 ; 
Fig. 3 is a schematic diagram illustrating a configuration of a portable device shown in Fig. 1 ; 
35 Fig. 4 is a block diagram illustrating functions of the personal computer shown in Fig. 1 ; 
Fig. 5 Is a schematic diagram Illustrating a content file; 

Fig. 6 is a flow chart illustrating the process of outputting a content from a portable device shown In Fig. 1 to the 
personal computer shown In Fig. 1; 

Fig. 7 is a schematic diagram Illustrating the operaHon of the flash memory shown In Fig. 3, perfonned during the 
40 process shown in Fig. 6; 

Fig. 8 is a schematic diagram Illustrating a media defect list; 

Fig. 9 Is a flow chart Illustrating the process of moving data from a portable device to the HDP shown in Fig. 2; and 
Fig. 1 0 Is a schematic diagram illustrating the operatfon of the flash memory, perfonned during the process shown 
inRg.9. 

45 , 

DESCRIPTION OF THE PREFERRED EIWBODIMENT 

[0011] Fig. 1 is a schematic diagram illustrating an embodiment of a content data management system according 
to the present invention, A personal computer 1 is connected to a network 2 such as a local area network or the internet. 

50 if the personal computer 1 teceives music data (hereinafter also represented as a content) from any of EMD (electrical 
music distribution) servers 4-1 to 4-3 or form a CD (compact disc) which will be described later, the personal computer 
1 stores the received data after compressing and encrypting it according to a predetermined compression method 
(such as ATRAC-3 (trade mark)) and an encryption method such as DES (Data Encryption Standard). 
[0012] The personal computer 1 also stores data representing rules of using the content stored in the encrypted 

55 fashion. 

[0013] The usage rule data represents, for example, the number of portable devices (PDs) allowed to simultane- 
ously use the content conespondlng to that usage rule data (that is, the numberof PDs allowed to be checked out). The 
personal computer 1 can reproduce the content as long as the number of checked-oUt PDs Is equal to or less than the 
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number specified by the usage rule data. 

[0014] The usage rule data also Indicates that the content is allowed to be copied. That is, even when the content 
has been copied to any of portable devices 6-1 to 6-3, the personal computer 1 can reproduce the content stored ther- 
eon. The maximum number of times that the content is allowed to be copied to portable devices 6-1 to 6-3 may be spec- 

5 ified. in this case, the content cannot be copied a greater number of times than the specified number of times. 

[001 5] The usage rule data may also indicate that the content is allowed to be moved into another personal com- 
puter. If the content is moved into any of portable devices 6-1 to 6-3, the content stored in the personal computer 1 
becomes unusable (the content is deleted or the usage rule data is chahged so that use of the content is disabled). 
[0016] The details of the usage rule data will be described later. 

10 [0017] When a content stored in the encrypted fashion is copied together with associated data (representing the 
content title and the reproduction conditiohis) from the personal computer 1 into the portable device 6-1 via a USB (uni- 
vereal serial bus) 7-1 , the usage rule data associated with the copied content is updated (that is, checked out). More 
specifically, when a content is checi<ed out, the usage rule data storedin the personal computer 1 in terms of the max- 
imum allowable checkout number corresponding to the checked-out content is decremented by 1. If the maximum 

15 allowable checkout number is equal to 0, the corresponding content is no longer allowed to be checked out. 

[001 8] A content stored in the encrypted form In the personal computer 1 may also be copied together with associ- 
ated data into the portable device 6-2 via the USB cable 7-2. In this case, the usage rule data associated with the con- 
tent copied to the portable device 6-2 is updated. Similarly, when a content stored in the encrypted form In the personal 
computer 1 is copied together with associated data into the portable device 6-3 via the USB cable 7-3, the usage rule 

20 data associated with the content copied to the portable device 6-3 is updated. 

[0019] The personal computer 1 may send a command via the USB cable 7-1 to the portable device 6-1 to delete 
(or disable use 61^ a content which has been checkedout In this ca$e, the usage rule data asspclated with the deleted 
content Is updated (that is, checked in). More specifically, Wh0n a content is checked In, the usajge rule stored in the 
personal computer 1 in temis of the maximum allowable checkout number corresponding to the cheoked-In content Is 

25 Incremented 1^1. 

[0020] The personal computer 1 may also send a command via the USB cable 7-2 to the portable device 6-2 to 
delete (or disable use of) a content which has been checked oUt. In this case, the usage rule data associated with the 
deleted content Is updated. Similarly, the personal computer 1 may also send a command via the USB cable 7>3 to the 
portable device 6-3 to delete (or disable use of) a content which has been checked out, and the usage rule date asso- 

30 dated with the deleted content may be updated. 

[0021] In the case where the portable device 6-1 has checked out a content from another personal computer (not 
shown in Fig. 1 ) other than the personal computer 1 , that content cannot be checked in into the personal computer 1 . 
Similarly, in the case where the portable device 6-2 has cheeked out a content from another personal coniputer other 
than the personal computer 1 , that content eannbt be checked in into the personal computer 1. Furthermore, In the case 

35 Where the portable devfee 6-3 has checked out a content from anotherpersonaloomputerotherthan the personal com^ 
puter i , that content cannot be checked In Info the personal computer 1 . 

[0022] When trie personal corirjputer 1 stertsto acquire a content from one of EMD Servers 4-1 to 4-3, the personal 
computer 1 reque^ an EiWD registration server 3 to transmit an authentication key required for mutual authentication 
between the personal computer 1 and one of the EMD servers 4-1 to 4-3. In resportseto the request from the personal 
40 computer 1 , the EMD registration server 3 transmits the authentication key to the personal computer 1 via the network 
2. The EMD registration server 3 also transmits to the personal computer 1 a program required for connection with one 
of EMD servers 4-1 to 4-3. 

[0023] If the EMD server 4-1 receives a request from the personal computer 1, the EMD server 4-1 supplies a 
requested content together with associated data (representing, for example, its title and limitations in terms of reproduc- 

45 tlon) to the personal computer 1 via the network 2. Similarly, if the END server 4-2 receives a request from the personal 
computer 1 , the EMD server 4-2 supplies a requested content together with associated date to the personal computer 
1 via the network 2. Furthermore,.if the EMD server 4-3 receives a request from the.personal computer 1, the EMD 
server 4-3 supplies a requested content together with associated date to the personal computer 1 via the networks 
[0024] The contents supplied from the respective EMD servers 4-1 to 4-3 are compressed in accordance with the 

so same or different compression methods. The contente supplied from the respective EMD servers 4-1 to 4-3 are 
encrypted in accordance with the same or diffbrient enciypti^^^ 

[0025] if a WWW (World Wide Ueb) server S-l receives a request from the personal computer 1 , the WWW server 
5-1 transmits data representing information (as to for example the album title and the manufacturer of the CD)assocI- 
ated with the CD a content of which Is read and data representing Infomiatlon (as to for example the content title and 
55 the composer name) associated with the content to the personal computer 1 via the network 2. If a WWW (World Wide 
Ueb) server 5-2 receives a request from the personal computer 1, the VWW server 5-2 transmite date representing 
infomiation associated With the CD a content of which is read and date representing Information associated with the 
content to the personal computer 1 via the nelwork 2. 
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[0026] The portable device 6-1 stores a content supplied from the personal computer 1 (that Is, a checked-out con- 
tent) together with associated data (representing, for example, the title and/or limitations in terms of reproduction 
thereof). In accordance with the data associated with the content, the portable device 6-1 reproduces the content stored 
therein and outputs it to a headphone or the lil<e (not shown). 
5 [0027] For example, if a content is attempted to be reproduced a greater number of times than the maximum allow- 
able number of times specified by the data associated with the content, the portable device 6-1 terminates the repro- 
duction of that content. If a content is attempted to be reproduced after the expiration date specified by the data 
associated with the (intent, the portable device 6-1 does not reproduce that content, 

[0028] A user rn^ reriiove the portable device 6-1 , In which the content is stdred, from the personal computer 1 , 
10 and may carry it to reproduce the stored content and listen to music corresponding to the content via a headphone or 

thelil<e. 

[0029] Similarly, the portable device 6-2 stores a content supplied f rom the personal computer 1 together with asso- 
ciated data. In accordance with the data associated with the content, the portable device 6-2 reproduces the content 
stored therein and outputs it to a headphone or the like (not shown). A user may remove the portable device 6-2, in 
IS which the content is stored, from the personal computer 1 , and may carry it to reproduce the content and listen to music 
con-esponding to the content via a headphone or the like. 

[0030] Similarly, the portable device 6-3 stores a content supplied from the personal computer 1 together with_ asso- 
ciated data. In accordance with the data associated with the content, the portable device 6-3 reproduces the Content 
stored therein and outputs it to a headphone or the like (hot shown). A user may remove the portable devtee 6-3, in 
20 which the content is stored, from the personal computer 1 , and may cany it to reproduce the content and listen to music 
con-esponding to the content via a headphone or the like. 

[0031] Ih the following discussion, in the case where one of the portable devices 6-1 to 6-3 is described without 
specl^ing a particular one. It is represented simply as a portable device 6. 

[0032] Fi^. 2 illustrates a configuration of the personal computer 1 . A CPU (central processing unit) 1 1 executes 
zs various application programs (which will be described in detail later) and an OS (operating system); A ROM (read only 
memory) 1 2 stores a fix^d part of a program and/or a fixed parameter used by the CPU 11 . A RAM (random access 
memory) 13 stores a progfam executed by the CPU 11 and/ora parameter which msy vary duringthe execution of the 
program. These elements are connected to ohe anQthervl^ a host bus 14 such as a GPU bus. 
[0033] The host bus 14 Is connected to an external bus 16 such as a PCI (peripheral component interoonnect/inter- : . 
30 face) l3us via a bridge 16. 

[0034] A keyboard 18 Is used by a user to Input various commands to the CPU 11. Amouse 19 Is used by the user 
to designate or select a point on the screen of a display 20, The dispilay 20 may be a liquid crystal display or a CRT 
(cathode ray tube) display and it servers to display various kinds of Information In the form of a text or an image. An 
HDD (hard disk drive) 21 drives a hard disk so as to record or reproduce a program executed by the CPU 11 orother . 
35 Information. 

[0035] The drive 22 reads data or a program from a magnette disk. 41 , an optical disk (such as a CD) 42, a magne- 
toopticai disk 43, or a semiconductor memory 44 loaded on the drive 22 and supplies the resultant data or program to 
a RAM 1 3 via an interface 1 7, the external bus 1 6, the bridge 1 5, and the host bus 14. 

[0036] A USB port 23-1 is connected to the portable device 6-1 via a USB cable 7-1 . The USB port 23-1 outputs 
40 data (such as a content or a command to the portable devfce 6-1) supplied from the HDD 21 , the GPU 11 , or the RAM 
13 via the interface 17, the external bus 17, the bridge 15, and/or the host bus 14, to the portable device 6-1. 
[0037] A USB port 23-2 is connected to the portable device 6^2 via a USB cable 7-2. The USB port 23-2 outputs 
data (such as a content or a command to the portable device 6-2) supplied from the HDD 21 , the GPU 1 1 , orthe RAM 
13 via the interface 17, the external bus 17, the bridge 15, and/orliie host bus 14, to the portable device 6-2. 
45 [0038] A USB port 23-3 is connected to the portable device 6-3 via a USB cable 7^3. The USB port 23-3 outputs 
data (such as a content or a command to the portable device fli-3) supplied from the HDD 21 , the CPU 1 1 , or the RAM 
1 3 via the interface 1 7, the external bus 17, the bridge 15, and/or the host bus 1 4, to the portable device 6-3. 
[0039] Ah audio input/output Iriterface 24 has an lEC (iriternatlonal Electrotechnical Commission) -60958 terminals 
24a and executes an interfacing piw»ss to Input/output digital audio date or analog audio data. A loudspeaker 45 gen- 
50 erates a voice/sound con-esponding to the content in accordance with the audio signal supplied via the audio input^out- 
put interface 24. 

[0040] The above-described parts from the keyboard 1 8 to the audio input/output interface 24 are connected to an 
interface 17 which is connected to the CPU 11 via the external bus 16, the bridge 15, and the host bus 14. 
[0041 ] A communication device 25 is connected to the network 2 so that data (such as a registration request or a 
55 content transmission request) supplied from the CPU 1 1 orthe HDD 21 is transmitted in the form of packets via the netr 
work 2. The communication devtee 25 is also used to receive data (such as an authentication key or a content) in the 
form of packels and suppV the received date to the CPU 11 , tiie RAM 13, or th^^^ 

[0042] Ah adapter 26 has a CPU 32 which is generally constructed In the fonn of a semiconductor Integrated circuit. 
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When the adapter 26 is mounted on the personal computer 1, the CPU 32 cooperates with the CPU 1 1 via the external 
bus 16, the bridge 15, and the host bus 14 so as to execute various processes, A RAIVI 33 is used to store data or a 
program required for the CPU 32 to execute various processes.. A nonvolatile niemory 34 stores data which Is needed 
to be held after the power of the personal compute 1 is turned off. A ROM 36 stores a program for decrypting an 
5 encrypted program received from the personal computer 1. An RTC (real time clock) 35 perfonns a clocking operation 
and supplies time information. 

[0043] The communication device 25 and the adapter 26 are connected to the CPU 1 1 via the external bus 1 6, the 
bridge 15, and the host bus 14. 

[0044] In the following discussion, when one of the USB ports 23-1 to 23-3 Is described without specifying a partlc- 
^o ular one, It is represented simply as a USB port 23. Similarly, when one of the USB cables 7-1 to 7-3 is described with- 
out specifying a particular one, it is represented simply as a USB cable 7. 

[0045] The configuration of the portable device 6 is described below with reference to Fig. 3. A power supply circuit - 
52 receives a power supply voltage from a dry battery 51 and converts it internal power with a predetermined voltage. 
The resultant power is supplied to various parts from the CPU 53 to the display 67 over the entire portable device 6. 
75 [0046] When a USB controller 57 Is connected to the personal computer 1 Via a USB connector 56 and a USB cable 
7, if the USB controller 57 receives data such as a conteintfrom the personal computer 1, the USB controller 57 trans- 
fers it to the CPU 53 via ah Internal bus 58. 

[0047] The data transmitted from the pergonal computer 1 1sforrnedof packets each consisting of 64 bytes, and the 
data ls transmitted at a rate of 12 Mblts/sec. The data transmitted Into the portable device t is fbrmed of a header and 

20 a content (as win be described In ddtalllatei). 

[0048] If the portable devkse 6 receives a content write command together whh a content from the personal compu- 
ter 1 , thfe CPU 53 controls the flash memory controller 60 so as to write the content received from the personal compu- 
ter 1 Into the flash memory 61 In accordance wBti the write command, under the control of the main program loaded 
frem the ROM 55 into the RAIVI 54. 

25 [0049] . The flash memory has a storage capacity of about 64 Mbytes available for storing contents. The flash mem- 
ory 61 Includes a reproduction code for decohipressing a compressed content according to a predetermined method. 
[0050] The flash memory 61 is constructed in the form of a memory card which may be removed from the portable 
devk;e6. 

[0051] If a user presses a play/stop button (not shown), and if, as a result, a play command is supplied to the CPU 
30 53 via a command key controller 62, the CPU 53 controls the flash memory controller 60 so as to read a reproduction 
code and a content from the flash memory 61 and transfer them to a DSP 59, 

[0052] In accordance with the reproduction code received from the flash mamory 61, the DSP 69 peri'orms a ORG 
(cyclic redundancy check) en-or detection operation upon the obrtelit ah^^^^ reproduced date 

- — (denoted by Di In Bg, 3) Is supplied to a dlgte^^ 

35 [0053] The DSP 59 reproduces a poniteM In synohrorilzaUon with a master clock MCLKg 

oscillator circuit coupled with an oscillator BdA whiph Includes an extemal quartz resonator. To the digltal-to-analog con- 
verter 63, the DSP 69 also supplies the master clock MCLK, a bit clock BGLK with a predetermined frequency gener- 
ated by the internal oscillator circuit on the basis of the master clock MCLK, and operation clocks LRCLK including an 
L-channel clock LCKL and an R-channel clock RCLK with a period corresponding to the frame interval. 

40 [0054] The DSP 59 supplies the above-described operation clocks to the digital-to-analog converter 63 in accord- 
ance with the reproduction code when a content is being reproduced. However, when no content Is reproduced, the 
DSP 50 stops the supply of the operation clocks In accordance with the reproduction code, thereby stopping the oper- 
ation of the digital-to-analog converter 63 so as to reduce the total power consumption of the portable device 6. 
[0055] Similarly, the CPU 53 and the USB controller 57 have external oscillators 53A and S7A, respecBvely, each 

45 Including a quartz resonator, and they perform various operations In accordance with master clocks MCLK supplied 
from the oscillators 53A and 57A. 

[00S6] By forming the portable xlevlce 6 In the above-described manner. It becomes unnecessary for the, por^ble 
device 6 to Include a clock generator fnodule forsupplylng a clbek to circuit bibcks such a^ the CPU 53, the DSP 59, 
and the USB controller 57. This results In a simplification in the drcutt configuration arid also a reduction In size. 
so [0057] The digital-to-analog converter 63 converte the reproduced dontent to an analog audio signal and supplies 
the resultant signal to an amplifier 64. The amplifier 64 amplifies the audio signal and supplies the amplified audio signal 
to a headphone (not shown) via a headphone jack 65. 

[0058] As described above, when the play/stop button (not shown) of the portable device 6 is pressed, a content 
stored in the flash memory 61 is reproduced under the control of the CPU 53. If the play/stop button is pressed during 
55 the reproducing operation, the reproduction of the content is stopped. 

[0059] After stopping the reproduction, if the play/stop button of the portable device 6 is pressed again, the repro- 
ducHoh of the content is restarted from the position where the reproduction has been topped, under the confrol of the 
CPU 53. If no operation Is performed for several seconds after the play/stop button was pressed to stop the reprbduc- 
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tion, the portable device 6 automatirally turns off the power so as to reduce the power consum 
[0060] If the play/stop button is pressed after the power has been turned off, the portable device 6 starts reproduc- 
ing the content not from the position where the reprodurtlpn has bean stopped by the previous operation of pressing 
the play/stop button, but from the beginning of the content. 
5 [0061] The CPU 53 of the portable device 6 controls the LCD controller 66 SO as te displ^^ 

infonnation as to the reproduction mode (such as a repeat mode, a scan-and-play mode) the equaHzer controller (gain 
controller for controlling the gains of an audio signal for various frequency bands), the content number, the play time, 
the operation status (play, stop, fast-forward, reverse), the sound volume, and the remaining capacity of the dry battery 
51. 

10 [0062] Furthermore, the portable device 6 includes an EEPROIVl 68 which stores a FAT (file allocation table) repre- 
senting the number of contents stored in the flash memory 61, the block locations of the flash memory 61 where the 
contents are stored, and other various l<inds of memory storage Information. 

[0063] In the present embodiment, each content is handled in units of b|Qck$ each including 64 Kbytes, and the 
block location of each content is described in the FAT. 
IS [0064] In the case where the FAT Is stored in the flash memory 61, the FAT is stored as follows. For example, if a 
first content is written Into the flash memory 61 underthecontrol of the CPU 53, the block locatlort of the first content 
is writtdn in the FAT In the flash memory 61 . If a second content Is written thereafter In the flash memory 61, theblock 
location of the second content is written In the FAT In the flash mehiory 61 (In the same memory airea as the first con- 
tent). 

20 [0065] As described above, the FAT is updated each time a content Is Written into the flash memory 61 , and the 
same data is written in a duplicated fashion for the purpose of backup. 

[0066] If the FAT Is written in the flash memory 61, the same area of the flash memory 61 Is rewritten twice each 
time a content is written. As a result, a small number of operations of writing contents into the flash memory 61 causes 
the nuhiber of rewriting operations .to reach the maximum allowable number, and it becomes impossible to further 
zs rewrite the flash memory 61. 

[0067] In the portable devkie 6, in order to avoid the above problem, the FAT is stored in the EEPROM 68 Instead s 
of the flash ffiemory 61 thereby reducing the number of operations of rewriting the flash memory 61 required each time - 
a content is written. 

[0068] In the ppi;table device 6, because the FAT whteh is frequently rewritten Is stored in the EEPRQM 68, the 
30 maximum allowable number of writing operations l)ecomes several ten times .61- more gwater thah can be wh0n the FAT 
is stored in the flash memory 61. Furthennore, the CPU S3 controis the EEPi=lOM 68 such that the FAT Is written in an 
appended f^hlon, thereby reducing the nuhiber of writing openation Into the same area of the EEPROM 68 and thus 
preventing the EEPROM 68 from becoming unusable in a short time. 

[0069] If the portable device 6 Is connected to the personal computer 1 via the USB cabie 7 (hereinafter, this state ■■ 
X Is represented as a USB-connected state), the USB controller 57 sends an interrupt signal to the CPU 53. Thus, the 
CPU 53 recognizes that the portable device 6 has been connected to the personal computer 1 . 
[0070] As a result, a current with a predetermined magnitude is supplied frpm the personal computer 1 to the port- 
able device 6 via the USB cable 7. Furthermore, the CPU 53 controls the power supply circuit 52 such that the supply 
of power from the dry battery 51 is stopped. 
40 [0071 ] When the portable device 6 Is in the USB-connected state, the CPU 53 controls the DSP 59 so as to stop 
reproducing a content thereby preventing the external power supplied from the personal computer 1 from exceeding the 
, maximum allowable current and thus allowing specified external power to be supplied to the portable device 6. . 
" [0072] When the portable device 6 Is USB^nnected, the CPU 53 iBWltche^ 
51 to that supplied from the personal computer 1 as described above, so thatthe external electric power which Is sup- 
45 pliedfromthepersonail dbmisuter l and which rieeds lowercost ls usedlnsteadof using the dry battery 51 which needs 
higherpovrer cost This saves the life of the dry battery 51 . 

[0073] When external power is supplied to the portable device 6 from the personal computer 1 via the USB cable 
7, the CPU 53 stops the reproducing operation of the DSP 59 thereby reducing radiation from the DSP 59 and thus 
reducing the total radiation from the system including the personal computer 1 . 

so [0074] Fig. 4 is a block diagram illustrating the functions of the personal computer 1 achieved by means of execut- 
ing a program by the CPU 1 1. A content management program 1 1 1 is formed of a plurality of programs including an 
RMD selection program 131,s a check-in/check-out management program 132, an encryption method conversion pro- 
gram 135, a compression method conversion program 136, an encryption program 137, a usage rule conversion pro- 
gram 1 39, a usage rule management program 1 40, an authentication program 1 41 , a decryption program 1.42, a PD 

55 driver143, a purchase program 144, and a.purchase program 146. 

[0075] The content management program 1 11 is described by shuffled or encrypted instructions so thatthe Instrtic- 
tlons are concealed from the outeide. This makes it difficult for an unauthorized user to analyze the Instrucfipns (more 
speclfitally. If the unauthorized user directly reads the purchase program 1 44; it is Impossible to analyze the instruct 
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tions). 

[0076] The EMD selection program 131 fs not included in the content management program 1 1 1 initially installed 
in ttie personal computer 1, but the EMD selection program 1 311s downloaded from an EMD registration serer3 via the 
networl< during an EMD registration process which will be described later. The EMD selection program 131selects one 

5 of EMD servers 4-1 to 4-3 and connects the personal computer 1 to the selected EMD server. After achieving the con- 
nection, the purchase application program 115 or the purchase program 144 or 145 communicates with the selected 
EMD server of the EMD servers 4-1 to 4-3 (so as to download a content to be purchased). 
[0077] The check-iriA:hecl<-out management pnagram 1 32 checite out a content stored In one of the content files 
161-1 to 161 -N to one of the portable devices 6-1 to 6-3 orcheelcs in a content stored in one of the portable device 6-1 

10 to 6-3, in adcordance with the check-in/checl(-out conditions and the usage rule files 1 62-1 to 1 e2-N stored in the con- 
tent database 114 

[0078] Depending on the check-in/checlc-out process performed, the check-in/check-out management program 
1 32 updates the usage rule data described in the usage rule files 1 62-1 to 1 62-N stored in the content database 1 1 4. 
[0079] A copying management program 1 33 copies a content stored in one of content files 1 61 -1 to 161 -N into one 

IB of portable devices 6-1 to 6-3 or copies a content from one of portable devices 6-1 to 6-3 into the content database 1 1 4, 
in accordance with the usage rule files 162-1 to 162-N described in the content database 114. 
[0080] A movement management program 134 moves a content stored in one of content files 161-1 to 161-N into 
one of portable devices 6-1 to 6-3 or moves a content from one of portable devices 6-1 to 6^^ Into the content datat)ase 
1 14, in accordance with the usage rule files 162-1 to 162-N described iri the content database 114. 

20 [0081] The encryption conversion program 135 converts the encryption method of a oortentrBcelved frdfn the EMD 
server 4-1 via the netwprl(2 und$r the control of the purchase application progranri 115, or th^ encrypUon method of a 
content recejvsel from the EMD sertrer 4-2 under the control of the purohasB pixigram 144, or the encryption method of 
a content received from the EMD server 4^ under the control of the purohese program 1 45, Into the same encryption 
method as that of contents stored in the content files 161-1 to 161-N stored In the content database 114. 

2S [0082] TTie encryption method conversion program 135 also perttoitns a conversion V*en a co^^^ 

Into any of the portable devices 6-1 to 6-3 such thatthecontehtis encrypted according to an encryptfen method which 
can be decrypted by the portable devices 6-1 to 6-3. 

[0083] The compression method conversion program 1 36 converts the compression method of a content received 
from the EMD server 4-1 via the network 2 under the control of the purchase application program 11 5, the compression 
30 method of a content received from the EMD server 4-2 under the control of the purchase program 144, orthe encryption 
method of a content received from the EMD server 4-3 under the control of the purchase prograhfi 145, Into the same 
compression method as that of contents stored in the content files 1 61 -1 to 1 61 -N stored in the cqnterit datebaee 114. 
[0084] When a content Is checked out into any of the portable devices 

slon program 136 converts the compression method of the content to be checked oUt into a conversion method whteh 

35 is allowed In the portable device 6-1 or 6-3. 

[0085] If the encryptlpn program 137 receives, from the recording program 1 13, a content (not encrypted) readfrom 
for example a CD, the encryption program 137 encrypts the received content in accordance with the same encryption 
method as that of contents of the content files 1 61 -1 to 1 61-N stored in the content database 114. 
[0086] If the compression/decompression program 138 receives, from the recording program 113, acontent (not 

40 compressed) read from for example a CD, If the compression/decompression program 138 compresses the received 
content in accordance with the same compression method as that of contents of the content files 1 61 -1 to 1 61 -N stored 
in the content database 114. The compression/decompression program 138 also deoohipresBes a compressed con- 
tent, as required. 

[0087] The usage rule conversion program 139 the usage rule data associated with a content received from the 
45 EMD server 4-1 via the network 2 under the control of the purchase application program 1 15, the usage rule data asso- 
ciated with a content received from the EMD server 4-2 under the control of the purchase program 1 44, or the usage 
rule data associated with a content received from the EMD server 4-3 under the control of the purchase program 145, 
Into the Same format as that of the usage rule data described in the usage rule files 162-1 to 162-N storedlntlie content 
database 114. 

so p)088] The Usage rule conversion program 139 also performs a conversion when a content Is checked out Into any 
of the portable devices 6-1 to 6-3 such that the usage rule date associated with the checked-out content becomes usa- 
ble by the portable devices 6-1 to 6-3. 

[0089] Before copying, moving, checking-ln, or checking-out a content, the usage rule management program 140 
checks whether the usage rule data has been tempered, on the basis of the hash value (which will be described later) 
55 corresponding to the usage rule data described in the usage rule files 1 62-1 to 1 62-N stored in the content database 
114. If usage rule data described in any of the usage rule files 162-1 to 162-N stored in the content database 114 is 
updated in response to the operation of copying, moving, checklng-in or checking-out a content, the usage rule man- 
agement prograrn 140 updates the hash value con^pondlng tot 
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[0090] The authentication program 1 41 performs mutual authentication between the content management program 
1 1 1 and the purchase application program 115, and also peffbrms mutual authentication between the content manage- 
ment program 111 and the purchase program 144. The authentication program 141 includes an authentication l<ey 
used in the mutual authentication process between the EMD server 4-1 and the purchase application program 115, 
5 between the EMD server 4-2 and the purchase program 144, and between the EiViD server 4-3 and the purchase pro- 
gram 145. 

[0091 ] The authentication l<ey used by the authentication program in the mutual authentication is not included in the 
authentication program 141 when the content management program 111 is installed into the personal computer 1. 
When registration has been successfully perfonned by the display control program 112, the authentication key is sup- 
to plied from the EMD registration server 3 and stored In the authentication program 1 41 . 

[0092] When the personal computer 1 reproduces a content stored in any of the content files 1 61 -1 to 1 61 -N in the 
content database 114, the decryption program 142 decrypts the content. 

[0093] When a content is checked out into the portable device 6-2 or when a content is checked in from the portable 
device 6-2, the PD driver 143 supplies the content to the portable device 6-2 and sends a command to the portable 
15 device 6-2 to perfonn the checking-out or checking-in proems. 

[0094] When a content is checked out into the portable device 6-1 or When ^ content Is checked In from the portable 
device 6^1 , the PD driver 143 supplies the content to the device driver i 1 6^1 and isends a command to the device driver 
116-1 to perfonn the checking-out or checking-in process. 

[0095] When a content is checked out into the portable device 6-3 or when acontent is checked In frohi the portable 
20 device 6-3, the PD driver 1 43 supplies the content to the device driver 1 16-2 and sends a command to the device driver 
11 6-2 to perform the checking-out or checklng-ln process. 

[0096] The purchase program 1 44 Is a so-called plug-In program which is installed together with the content man- 
agement program 111. The purchase program 144 may be supplied from the EMD registration server 3 via the network 
2 or may be supplied via a CD. When the purchase program 1 44 is installed into the personal computer 1 , the purchase 
2S program 144 exchange data with the content management program 1 1 1 via an interface In a predetermined fonn pro- 
vided In the content management program 111. • 

[0097] The purchase program 144 is described by shuffled or encrypted instructions so that the instructions are 
concealed from the outside. This makes it difficult for an unauthorized user to analyze thelnstructlons (more speciflcaliy, 
if the unauthorized lijser directly reads the purchase program 1 44, It is Impossible to analyze the ihstrucHonej. 
30 [0098] ThepurchMeprogram144requeiBt8viathenetwoi^k2theE|WDserver4-2totran8mita:desiredc^^^^ 

receives the content from the EMD server 4-2. The purchase program 144 perfonns an accounting process when a 
content Is received from the EMD server 4-2. 

[0099] The purchase program 145 is installed together with the content management program 111. The purchase 
program 145 requests via the network 2 the EMD server 4-3 to transmit a desired content, and receives the content 
35 from the EMD server 4-3. The purchase program 1 45 performs an accounting process when a content is received from 
the EMD server 4-3. 

[0100] The display control program 112 displays a window image on the display 20 in accordance with the filtering 
data file 1 81 , the display data file 1 82, the Image files 1 83-1 to 1 83-K, and the history data file 1 84. in response to an 
operation performed by a user upon the keyboard 1 8 or the mouse 1 9, the display control program 112 sends a com- 

40 mand to the content management program 1 1 1 to perform checking-in, checking-out, or other processes. 

[0101] The filtering data file 181 Is stored on the HDD 21 and Includes data representing the weighting tactoiis of 
the respective contents described In the isontent flies 161:1 to 1 61 -N stored in the oorrtent database 114, 
[0102] the display datafiie 1 82 is stored On the HDD 21 and Includes data corresponding to the contents described 
In the respective content files 1 6lVl to 1 61 -N stored In the cbntentdatabase 1 14- 

45 [0103] The image files 1 83-1 to 1 83-K are stored on the HOD 21 and include images corresponding to the cofitenls 
described In the respective content flies 1 61 -1 to 161 -N stored in the content database 1 14 or Include Images com- 
spending to packages which will be described later. 

[0104] In the following discussion, in the case where one of the image files 183-1 to 183-K is described without 
specifying a particular one, it is represented simply as an Image file 183. 
50 [0105] The history datafiie 184 is stored on the HDD 21 and includes history data representing, for example, dates 
and the number of times the contents described in the content files 1 61 -1 to 1 61 -N stored in the content database 1 1 4 
have been checked out or checked in. 

[0106] When registration is perfonned, the display control program 112 transmits identification data, which has 
been stored in advance, of the content management pnjqram 111 tothe EMD registration servef 3 via the network 2. 
K Furthermore, the display control program 1 12 receives the autheriflcation key and the EMj3 SeleiBtiori pi'qgramlSI from 
the EMD registration server 3 arid transfers the i^pelved authentication key and EMD selection program to the content 
management program 11 1. 

[0107] The recording program 113 display a predetemiined window image and,.in response to an operation per- 
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formed by a user upon the keyboard 1 8 or the mouse 19, reads data representing such as the recording time of a con- 
tent, from an optical disl< such as CD 42 mounted on the drive 22. 

[0108] On the basis of the data representing for example the recording time of a content recorded on a CD, the 
recording program 1 13 requests via the network 2 the WWW server 5-1 or 5-2 to send data corresponding to the CD 
5 (for exanhple. the album title or the artist name) or data corresponding to the content recorded on the CD (for example, 
the content title), and receives data corresponding to the CD or data corresponding to the content recorded on the CD 
from the WWW server 5-1 or 5-2. 

[0109] If the recording program 113 receives the data corresponding to the CD or the data corresponding to the 
content recorded on the CD, the reoording program 1 13.supplies the received data to the display contrel program 1 12. 

10 [Oil 0] If a recording command Is input, the recording program 1 1 3 reads the content from the optical disk or the 
CD 42 mounted on the drive 22 and the outputs the contertt to the content management program 111. 
[0111] if the content database 114 receives from the content management program 1 1 1 a content compressed 
according to a predetermined compression method and encrypted according to a predetermined encryption method, 
the content database 1 1 4 stores the received content into one of the content files 1 61-1 to 1 61 -N. The content database 

15 1 14 also stores usage rule data corresponding to the contents of the content files 1 61 -1 to 1 61 -N in the usage rule files 
162-1 to 162-N (on the HDD 21) corresponding to the respective content flies 161-1 to iei-N. 
[0112] The content database 1 14 may store the content files 161-1 to 161 -N or the usage rule files 162-1 to 162-N 
In the fonn of records. 

[01 13] For example, the usage rule data associated with the content stored In the content file i 61 -1 Is stored in the 

20 usage rule file 1 62-1 . Similarly, the usage rule data assoclatedwith the content storectin the content file 1 61 -N Is stored 
In the usage rule file 162-N. , 
[0114] In the following discussion^ In the case vvhere one of the content files 161-1 to 161-N 1$ described without 
specifying a particular one, It Is rejiresented simply as a content file 161, Similarly, when one of the content files 162-1 
to 1 62-N Is described without specifying a particular one, It Is represented simply as a content file 1 62. 

25 [0115] The purchase application program 1 1 5 may be supplied from the EMD registration server 3 via the network 
2 or may be supplied via a CD-ROI\^. The purchase application program 1 15 requests via the network 2 the ElVID server 
4-1 to transmit a content, if the purchase application program 115 receives the content from the EMD server 4-1, the 
purchase application program transfers the received content to the content management program 111. The purchase 
application program 115 performs an accounting process when the content is received from the EMDserver4-1. 

30 [0116] Under the control of the content management program 111, the driver 117 drives the audio input/output 
interface 24 so as to input a content in the form of digital data from the outside and transfer It to the content manage- 
ment program 1 1 1 , or output a content in the form of digital data supplied from the content database 1 14 ylathe content 
management program 11, or output an analog signal con-esponding to a content supplied from the content database 
1 1 4 via the content management program 1 1 . 

35 [0117] Amethodof preventing a content stored in the flash memory 61 (such as a Memory Stick (tra^ 
the portable device 6 from being coplad In an unauthprlzed manner Is described below, 

[0118] A content file stored in the flash mernory 61 of the portable device 6 includes a header portion and a data 
portion, as shown in Fig. 5. In the header porflort, irjtormatlon as to the content Identifier, the number of reproducing 
operations, the reproduction limit, the content title, and; the artist name Is described. On the other hand, in the data por- 
40 tion, a content compressed accordingto a compressioniriethodsuch as KTRfiC-S and encrypted Is described, in order 
to prevent the content from being tempered, an MAC (message authentltiitlon code) value la described In the header 
portion of the content file. The MAC value is catoulated using a unidirectional function (such as SIHA or DES) called a 
keyed hash in accordance with equation (1) shown below: 

45 MAG Value = MAC(l<o, Important infonnaUon) (1) 

where Kc Is the content key (encryption key) used to encrypt the content described in the data portion, and IrnpCrtant 
Infonriatlon Is particular part (as to, fbr example, the cbhtent Identifier, the number of reproducing opierations performed, 
and the repiibduction limit) of the IhlbhTi^ 
50 [0119] The content Idi^ritlfler ls assigned b the content to Me 

the tile of the content In the ASCII (American National Standard Code for Information Interchange) code. The artist 
name is data representing. In the ASCII code, the artist name, tiie songwriter name, and/or the composer name asso- . 
dated with the content. 

[01 20] The reproduction limit is data indicating whether the period of time (start date/time, expiration dateAltri^) dur- 
55 ing which the content is allowed to be reproduced or the limit of the number of reproducing operations (the m^ltflum 
allowable number of operations of reprpdudng the content) is set or not. When the limit of the number of reproducing 
operations Is specified, the reproduction limit is set to "1 ", while It Is set to •2" when tiie period of time Is specified. When 
neither the limit of tile number of reproducing operations nor the period of time is speclfled (as Is the case when the 
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content is purchased), the reproduction limit is set to "0". 

[0121] . When the reproduction ilmlt is set to "1" or "2", the value of the nunriber of reproducing operations Is updated 
by the CPU 53 each time the content is reproduced so that it indicates the number of times the content has been repro- 
duced. 

[0122] Fig. 6 iiiustrates the process performed by the persohai computer 1 to reproduce a content, such as that 
shown in Fig. 5, stored in the flash memory 61 of the portable device 6. In step SI , the authentication program 1 41 of 
the personal computer 1 perfonns mutual authentication with the CPU 53 of the portable device 6 and acquires the 
common communication key Ks. Using the communication key Ks, the authentication program 141 acquires the encryp- 
tion key Kc used to encrypt the content described In the data portion of the flash memory 61 . 
[0123] More specifically, the authentication program 141 performs mutual authentication with the CPU 53 and 
acquires a communication key Ksi . On the other hand, the CPU 53 performs mutual authentication with the flash mem- 
ory 61 via the internal bus 58 and the flash memory controller 60, and acquires a common communication key Ksg. 
[0124] If the mutual authentication process is unsuccessful, the reproduction process is terminated. If the mutual 
authentication is successful, the flash memory 61 decrypts the encryption key Kc (encrypted using the storage key) 
stored therein using the storage key which is also stored therein. The flash memory 61 then encrypts the encryption key 
Kc with the communication key Ksa and transmits it to the CPU 53 via the flash memory controller 60 and the internal 
bus 58. The CPU 53 decrypts the received encryption key Kcusing the communication key Ksg. 
[0125] Furthennon9, the flash memory 61 reads the Important information and the previous MAC value described 
: In the header portion of a content file (Fig. 5). The flash memory 61 encrypts the Important Inlbrmation and the previous 
iViAC value with the communication key Ksg and transmits them to the CPU 53. Upon reception of the Important infor- 
mation and the previous MAG value, the CPU 53 decrypts them using the communication key Ksg. 
[0126] The CPU 53 encrypts the encryption key Kc, the Important infomiatlon, and the previous MAC value with the 
communication key Ks^ with the communication key Ks^ and transmits them to the authentication program 141 of the 
personal computer 1. The authentication program 141 decrypts them using the decryption program 142 In accordance 
with the communication key Ksi. 

[0127] As described above, when contents are transmitted between the flash memory 61 and the CPU 53 or 
between the CPU 53 and the authentication program 141 , the contents are encrypted using the communication key Ksg 
or Ksi . However, such an encryption process is not described in the following discussion unless it is described for the 
purpose of emphasis. 

[0128] In step S2, the user conditipn management program 140 calculates the MAG value from the encryption key 
Kc and the important Information described In the header portion of the content flle obtainecl In step SI, In accordance 
with equation (1) described above. The resultant value Is substituted Into R. In step S3, the usage rule management 
program 140 comr^res ttie value of R calculated in step S2 with the previous MAC value described In the header por- 
tion Of the content file, if these two values are not equal to each other, the usage rule management program 140 goes 
to step S4. In step S4, the display control program displays a message such as "There Is a possibility that the content 
may have be tampered." on the display 20, and the process is temnlnated. In this case, the content stored in the flash 
memory 61 of the portable device 6 Is regarded as being tampered, and thus it is not reproduced. 
[0129] In the case where it is determined in step S3 that the value of R and the previous MAC value described in 
the header portion of the content file are equal to each other, the process goes to step 85. In step S5, the content man- 
agement program 1 1 1 receives the encrypted content from the flash memory 61 via the CPU 53. The received 
encrypted content is then decrypted by the decryption program 142 using the encsryptlon key Ka The decrypted content 
Is applied to the compression/decompression program 138 to decompress It. The resultant content is output (repro- 
duced) via the audio input/output interface 24. 

[0130] In step S6, the usage rule management program 140 controls the CPU 53 so as to increment, by 1, the 
number of reproduction operations descrlbed ln the important Information in the he&derportlon of the content file. Fur- 
thermore, in step S7, the use management program 140 controls the CPU 53 so as to calculate the MAG value using 
the updated Important information (In which the number of reproduction operations has been Incremented by 1) In 
accordance with equation (1 ) and update the MAC value described in the header portion of the content file stored in the 
flash memory 61 with the calculated value. Because the calculation of the MAC value needs the encryption key Kc, the 
MAC value can be calculated only when the device or the use management- program 1 40 is authorized. 
[0131 ] However, the technique described above with reference to Fig. 6 cannot prevent a content from being copied 
in an unauthorized manner using a technique described below with reference to Fig. 7. That is, a content file (having an 
MAC value equal to MAC-1 ) stored In the flash memory 61 -1 of the portable device 6-1 (that is, the flash memory of the 
first portable device 6-1) is backed up Into the content database 1 14 in the HDD 21 so thatthe content file is stored as 
a content file 161-1 (MAC-1) In the content database 114. After the above backing-up process, the original content file 
(MAC-1) remains in the flash memory 61-1. 

[0132] Thereafter, the content flle (MAC-1) stored In the flash memory 61 -1 is moved Into the content database 114. 
As a result, a content flte 161-2 (MAC-1) is stored in the content database 1 14. As a result of the movement of the con- 
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tent file, the content file (MAC-I) is deleted from thaflash iViemoty 61-1, and the content datiabase 114 includes two 
content flies 1 6^1 (IVIAG-I) and 161-2 (MAC-1). 

[01 33] Thereafter, the content file 1 61 -1 (MAC-1 ) stored In the contierit database 1 1 4 lis restored Into the flash mem- 
ory 61-1 . As a result, the content file 1 61-2 (ly^AC-l) is left in the content database 1 14. After that, the content file 1 61- 

5 2 (MAC-1 ) is moved from the content database 1 1 4 into the flash memory 61 -2 of the portable device 6-^ (the flash 
memory 61 of the second portable device 6-2). As a result, the same content file (MAC-1) has been stored Into the two 
flash memories 61-1 and 61-2. Thus, the personal computer 1 can reproduce the content file 161-2 (MAC-1) stored in 
the flash memory 61 -2 as well as the content file 161-1 (MAC-I ) stored in the flash memory 61-1. 
[0134] In the present invention, to prevent contents from being copied In the unauthorized manner described above, 

10 the MAC value may be detemiined in accordance with equation (2) described below. 

MAC Value i MAC(Kc, seq# 1 1 Important Information) (2) 

In equation (2), seq# is a variable which is updated (for example, incremented) each time a content is moved or copied. 

IS The variable seq# Is stored in the 0th block of a media defect list which is stored In the flash memory 61 and which is 
not allowed to be accessed by a usual program (which is allowed to be accessed only by the adapter 26 or the usage 
rule management program 140). In equation (2), symbol I I is usedto represent oon(»!tenat|on (connection). More spe- 
cifically, A 1 1 B represents data (a+ b bits) produced by simply connecting data A (a bite) and data B (b bits) in such a 
manner as to place data B immediately following th0 least significant bit of data A. 

so [0135] The media defect list represente, as shownin Rg. 8A, dalisotlve (bad) bloote (blocks Includlhg a defect) and 
alternative blocks which are used instead of the respective defecOve blocks, if a block Is registered as a defective block 
in this list, the reading and writing of that block is basically disabled, and data is read or written from or to an alternative 
block corresponding to that block. However, a block having no defect is registered as the 0th defective block so that this 
block is used by the CPU 53 when a special command is received. The variables seq# are stored in this 0th defective 

25 block as shown In Fig. 88. 

[0136] The special command can be issued only by the adapter 26 and the usage rule management program 140. 
Therefore, only the adapter 26 and the usage rule manajgement program 140 can access the 0th defective bloisk. 
[0137] The variables seq# are assigned tb respective contents (trapks) In a ohe-46^one fashion. Therefore, the 
recalculation of the MAC value Is performed content by content (track by trad^. 

30 [01 38] The area Where the variables seq# ere stored is not limited te.the OtH defiactiva block of the m$dia defect list. 
Aiternatively, the variables seq# may be stored In another storage ai«a the reading/Writing of which is disabled for the 
other purposes. 

[0139] Rg. 9 illustrates the process of moving a contem from the flash memory 61 Intoihe HDD 21^^ 
[0140] In step S21, the CPU 53 performs mutual authentbalion with the flash memory 61 and acquires the encryp- 
ts tion key Kc ln step S22, the authentication program 141 of the personal computer 1 perfonns mutual authentication 
with the CPU 53 of the portable device 6 and acquires the communteation key Ks which is used by both the authenti- 
cation program 141 and the CPU 53.Thisstepis performedlna similar mannertostepS1 described above with refer- 
ence to Rg. 6 (except thatthe common communication key is used in step SI). 

[0141] In step S23, the usage rule management program 140 sends the predeitermlned special command to the 
40 CPU 53 so as to request the CPU 53 to update the variable seq# stored in the Oth defective block (Rg. 8B) of the media 
defect list (Rg. 8A) of the flash memory 61. In response to the request, the CPU 53. updates the variable seq# to a 
proper value. 

[0142] In step S24, the CPU 53 encrypts the encryption key Kc acquired from the flash memory 61 in step S22, 
using the communication key Ks acquired in step S22. The resultant encryption key l<c is transmitted to the usage rule 

4S management program 1 40. In step S25, the CPU 53 receives encrypted content data desoribed Iri the data portion of 
a content fife stored In the flash mamory 61. The CPU 53 encrypte the received date with the communication keyKs 
and transfers It to the movement management program 134. The movement management program 134 stores the con- 
tent, transferred from the portable device 6, into the HDD 21 (content database 1 14). In step S26, the movement man- 
agement program 1 34 requests the decryption prograni 142 to decrypt the encryption key Kc received from the portable 

50 device 6, using the communication key Ks. The resultant decrypted encryption key Kc is then decrypted by the encryp- 
tion program 137 using a dedicated storage key and stored In the HDD 21. 

[0143] In step S27, the movement management program 134 notifies the CPU 53 that the content file has been 
copied. In response, in step S28, the CPU 53 deletes the content file (which has been transmitted to the usage rule 
management program 140 in step S25) from the flash memory 61 . 
55 [0144] If the movement process is perform in the above-^lescribed manneri the unauthorized copying process 
described above with reference to Rg. 7 can be prevented. Now, let us assume that a content A is stored in the flash 
memory 61-1 of the portable devtee 6-1. In this case, the MAC \mlue MAC'^t is deserlbed as Important information of 
the content A in the header portion of the content A. Furthenmore, the variable seq-1 Is stored In the 0th defective block 
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of the media defect list, in correspondence with the content A (hereinafter, such a state is represented by •A(MAC-I). 
seq-1 ") In this state, if the content file is backed up into the content database 1 1 4 in the HDD 21 , the content A(MAC- 
1 ) Is stored In the content database 1 1 4, and the content A(IVIAC-t). seq-1 remains In the flash memory 61 -1 because 
the variable seq-1 and the IWAC-i in the flash memory 61-1 are not updated. 

5 [0145] Thereafter, if thecorttent A(IVIAC-I). seq-l Is moved from the flash memory 61-1 into the content database 
1 14 the MAC-1 Is not updated although the variable seq-1 of the flash memory 61-1 Is updated to the variable seq-2 
(in step S23). Thus, the content A(MAC-1 ) is recorded into the content database 11 4. The movement management pro- 
gram 134 informs the CPU 53 that the content A has been moved. In response, the CPU 53 deletes the content A from 
the flash memory 61-1. ,. u x, u 

to [0146J |f,thereafter.thecontentA(MAC-1)backed-upinthecontentdatabase 11 4 is restored into the flash memory 
61 -1 a content A(MAC-1 ), seq-2 is stored Into the flash memory 61 -1 . Furthermore, if the content A(MAC-1 ) moved into 
the content database 1 1 4 is moved Into the flash memory 61 -1 of the portable device 6-2, the variable seq-2 Is further 
updated to a variable seq-3, and thus the content is stored as a content A(MAC-1 ), seq3. 

[01 471 If the content is reproduced from the flash memory 61 -1 or 61 -2 in accordance with the process shown in 
15 the flow chart of Fig. 6, the variable seq-2 (or seq-3) Is used in the calculation of the IWIAC value in step S2. and thus the 
calculation result becomes different from MAC-1 described in the header portion of the content file. As a result, the 
determination in step S3 becomes negative. Thus, this content is regarded as an unauthorized copy and the reproduc- 
tion thereof Is disabled. ■ . u X , u , 
[0148] In the above desorlption, the portable device 6 is employed as a storage medium by way of example. How- 
20 ever,thepre8entinventionmayalso:beapplied,whehdatalscopiedormovedtoothertyp^ 

[0149] In addition to music data and other audio data, the content data may be other types of data such as Image 
data. 

[0150] The process described above may be performed by hardware or software. In the case where the process is 
performed by software, the software may be a program which is installed from a program storage medium onto a com- 
as puter (corresponding to the CPU 53) installed as. dedicated hardware in the portable device 6, or onto a general-pur- 
pose computer capable of executing various programs installed thereon. _ 
[0151 ] Various types of media may be employed as the program storage medium for storing the program which is 
to be Installed onto a computer and executed by the computer. They Include, as shown in Fig. 2, a magnetic disk 41 
(such as a floppy disk), an optical disk 42 (such as a CD-ROM (compact disc-read only memory), a DVD (digital versa- 
30 tile disk), a raagnetooptlcal disk 43 (such as an MD (mini-disk), a package medium such as a semlGonductor memory 
44 and a ROM 12 or HDD 21 fbr Storing aprogram pennanently or teniporarily. The program may be stored into ttie 
program storage medium via a wire.or wireless communication medium such as the network 2 (local area network or 
the Ihternet) or digital broadcasting, using an interface sueh as the communication dwice 25 as required. 
[01521 In the present Invention, the steps descried in the program stored in the program storage medium may be 
35 performed either in time sequence In accordance with the order described in the program or in a parallel or separate 

[0153] ' Furthermore, in the present invention, the term "system" is used to describe the entire apparatus Including 
a plurality of devices. , . .^i 

[0154] As described above, the present invention provides the information processing apparatus, the information 
40 method, and the program stored in a program storage medium, in which the result of a calculation performed on the 
basis of calculation information and an encryption key is compared with a previous calculation result, and use of stored 
content data is controlled in accordance with the comparison result thereby making it possible to detect content data 
whteh has been copied in an unauthorized manner and thus making it possible to prevent content data from belnacop- 
led in an unauthorized manner. 



1. An information processing apparatus comprising: 

storage means for storing content data encrypted with an encrypSon key; 

holding means for holding management information associated with said content data stored in said storage 
means; j i i 

calculation means for performing a predetermined calculation on the basis of said encryption key and calcula- 
tion information included in said management infomiation. said calculation information including Update infor- 
mation which Is updated with predetermined timing; 

memory means for storing the result of the calculation performed by said calculation means; and 

conttol meansforeomparing the result of the calculation pertbmied by said ealpulatlon means with a previous 

calculation result stored in said memory means and controlling use of said content data stored in said storage 
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means in accordance with the result of the comparison. 

2. An information processing apparatus according to Claim 1 , wherein said calculation means performs said calcula- 
tion by applying a hash function to said calculation infbnriatlon and said encryption Icey. 

5 

3. An information processing apparatus according to Claim 1, Wherein: 

said content data is music data; 

said calculation information Includes identification Irrformatlon Identifying said music data; and 
10 said holding means holds said update ihfomnatlph In an «re& whksh is not allowed to be read or written for a 

general purpose. . . 

4. An information processing method comprlslngthe Steps of: 

15 storing content data encrypted with an encryption key; 

holding management Informatioh associated whh isald content data stored In said storage step; 

performing a predetermined calculation on the basis of said encrypHon key and oatetilatlon Infbnnation 

included in said management infomnation, said cak:ulatIon Infonnatlon including update information which is 

updated with predetermined timing; 
20 memory means for memorizing the result of the calculation performed in said calculation stdp; and 

comparing the result of the calculation performed In said calculation step with a previous caksulation result 

memorized In said memorizing 6tep and contrDllIng use of said content data stored In said storage step in 

accordance with the result of the (Comparison. 

25 5. A program storage medium on which a program Is stored, said program including the steps of: storing content date 
encrypted with an encryption key; 

. holding management lnfonT)ationasso<dEtt(sd with said content date stored In said s^ 
performing a ^redefermlnad calculation oh the basis of said enoiyptlen-key^^nd cateulatlon infomnation 
30 Included In said management: Information; said calculation Infomnation Inoluding update information which is- - 

updated with predetermined timing; 

memory means for memorizing the result of the calculation perfonned in said calculation step; and 
comparing the result of the calculation performed in said calculation step with a previous calculation result 
memorized in said memorizing step and controlling use of said content date stored In said storage step in 
35 accordance with the result of the comparison. 
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